Appendix A, which forms part of this disclosure and is incorporated by reference herein, is a microfiche appendix consisting of 1 sheet of microfiche having a total of 58 frames. Microfiche Appendix A is a list of computer programs and related data in an embodiment of the present invention, which is described more completely below.
The invention relates generally to a computer software routine which facilitates and expands the functionality of secure program routines running on a local client computing system by permitting such routines to interact with resources located at a remote server. The invention has particular use in increasing the utility of routines embodied in Java(copyright) applets, which, while running locally on a user""s system, can nonetheless be configured to access resources from a remote server so as to circumvent security mechanisms otherwise prohibiting such applets from generating or reading local data structures.
A portion of the disclosure of this patent document contains material that is subject to copyright protection. The copyright owner has no objection to the xerographic reproduction by anyone of the patent document or the patent disclosure in exactly the form it appears in the Patent and Trademark Office patent file or records, but otherwise reserves all copyright rights whatsoever.
The use of the world wide web (WWW) is increasing rapidly, and so of course is the demand for intelligent systems and software which can permit users to better and more easily explore its offerings. To access information on the WWW, a user typically utilizes a browser program having a graphical interface (such as those offered by such companies as Sun, Microsoft, and Netscape) to establish an electronic connection between his/her local client computing system, and a remote server system located at an ISP (Internet Service Provider). After such connection is made, the user can then perform a number of operations through the browser, including such tasks as uploading/downloading files (including text, graphics, audio, video, etc.) and even executing programs located on such remote server. The ability to locally execute programs retrieved from a remote ISP is in fact one of the greater attractions and promises of the WWW. By having a repository which is accessible to millions of users simultaneously, program authors have an opportunity to expand the distribution and use of their products to a level far beyond that previously attainable. To avoid cluttering the user""s local computing system with extraneous program and associated support files, and more importantly so as to provide a measure of protection and security to such user, many of such programs are now being implemented using a language known in the art as Java(copyright), and, in particular, using programming tools known as xe2x80x9capplets.xe2x80x9d Java(copyright) applets are akin to Java(copyright) applications, but the former are specifically designed to interoperate with graphical user interfaces such as the conventional browsers mentioned above. Applets are extremely popular programs today also due to the fact that they provide program authors with the tools to create multi-media capable programs quickly and easily.
The ease of access to remote programs, however, also increases the possibility of potential security/privacy breaches at the user""s local computing system. There is simply no practical method for a user to monitor the behavior of a remotely retrieved program to ensure that it is not improperly loading data to the user""s system, or worse yet, capturing or altering private data from the user""s local file system in his/her computing system. To address this concern, the authors of Java(copyright) intentionally constrained applets to operate in what is conventionally known as xe2x80x9csand box.xe2x80x9d In other words, applets were imbued with substantial functionality, but they are not permitted, for example, to do such things as read or write from file systems outside their own domain (usually the file system of the remote server). So, in the case of a remotely downloaded applet embodying some code which the user desires to execute, such applet cannot read or write to the user""s local file system. For a discussion of this limitation of applets, please see xe2x80x9cAn Introduction to Computer Sciencexe2x80x94Using Javaxe2x80x9d by Kamin et. al., McGraw-Hill, p. 345 (1998). Another limitation, of course, is the fact that an applet cannot make use of data structures (such as graphics file formats for example) that are incompatible or unreadable with the browser within which such applet is executing.
Heretofore this limitation on applets has not posed a substantial barrier to the use of applet based programs on the WWW, although some attempts have been made to ameliorate the effects of this restriction. For example, some program designers have tried to exploit loopholes in the sandbox to trick the user""s operating system into permitting the applet to gain local access and print a file on a local printer. These programming patches, however, are undesirable because they are system specific, and are susceptible to being closed down by Java(copyright) developers/standards enforcers. Others have suggested relaxing the constraints on applets which are known by the user to come from a verified xe2x80x9ccleanxe2x80x9d source. By requiring an applet to pass through a certification process, some measure of security can be maintained. Again, nonetheless, such xe2x80x9cexemptionxe2x80x9d process is also vulnerable to attack from would-be security invaders, and is therefore unattractive to users seeking the maximum security intended to be offered by the applet environment. It is also inconvenient to users, because they must still perform the task of evaluating whether a particular program is worthy of certification. This, too, reduces the incentives for users to use the WWW, since it requires too much effort for the ordinary user to know what is safe and what is unsafe.
Despite the fact that such efforts have been limited in the past, applicant has realized that the need for a satisfactory solution to the applet limitation is more crucial now. The inability of an applet to print to a local printer, for example, means that a local user is unable to capture his/her local input and/or contributions to an applet program displaying a remotely retrieved file. This limits the user""s enjoyment of the program, since any contributions are lost once the browser program is closed. For example, a user who has used an applet in his/her browser and accessed a stock price chart located on a remote server, can make annotations, mark-ups, etc., and see such contributions on a display screen. They cannot, however, print a hard copy of such image, and again this reduces significantly the user""s enjoyment and the utility of such program.
An object of the present invention, therefore, is to provide a system and method for permitting a local resource constrained software routine running on a local client system to circumvent such restrictions by exploiting resources at a remote server location;
Another object of the present invention is to provide a system and method for permitting a user of a locally executing client internet browser to manipulate and perform operations on files containing a mixture of local and remote server data;
A related object of the present invention is to provide a system and method for permitting a Java(copyright) applet to be able to emulate local file type functionality to a user while still complying with applicable security restrictions on such types of routines when running on a client machine;
Yet another object of the present invention is to provide a system and method for transferring data between a local computing system and a remote server so that file access privileges on the latter can be exploited by a program running on the former;
A further object of the present invention is to provide a system and method for permitting a user to engage in an interactive session during which they may modify content of data files from different remote sources, and still be able to capture and preserve such efforts in a local file system of the user""s computing system;
Another object of the present invention is to provide a system and method for a remote server to engage a user to perform the above mentioned objectives.
A data capture program of the present invention is characterized generally by the fact that it is restricted from accessing a first local file system, but does have access rights to a second file system at a separate computing system. When program data is generated during an interactive on-line session that cannot be transferred to such local file system, the program instead transmits such program data from the local computing system to the second file system. The data capture program is further configured to interact with a browser on the local computing system, which browser has access rights to the local file system. In this manner, the browser program can then access the program data from the second file system, and transfer the program data to an output and/or storage device in the local computing system.
In a preferred embodiment, the program data is generally associated with modified file data resulting from modifications made by a user to initial data from an initial data file. These modifications could include additions, deletions, edits, etc., of any initial data file type preferably retrieved from the remote system, such as a file containing chart data, an audio file, a video file, a text file, etc. During the interactive session involving modifications to chart data, for example, any updates by the user are displayed dynamically in a first window on a display device for ease of use. Such modifications, because of restrictions on the environment in which such are created, cannot normally be saved to the user""s local file system. Therefore, when the user wishes to save the results of such modifications, the modified file data is transferred as noted above to the remote server, where it is treated as described. Thereafter, the modified file data as retrieved from the remote server can be displayed in a second window to such user where it can be manipulated as desired by the browser program operating on the user""s machine. In this manner, a user can preserve and capture the results of their efforts during such interactive session on a local computing system for future reference.
To transfer the modified file data from the local computing system to the remote server, an encoder is preferably used to compress the file data into a standard file format readable by the browser program. In the case of a visual image data, for example, the preferred approach is to convert such file into a GIF or JPEG formatted file.
The data capture program of the present invention is preferably implemented with one or more Java applets which are in the form of a remote program stored at a remote server. These applets are initially downloaded during the interactive session from the remote server but then execute on the user""s local computing system within a restricted environment within the user""s browser program. The remote program is preferably configured such that it interacts with the browser program and performs at least the following operations:
(1) retrieving an initial data file from the remote server for use during the interactive session; and
(2) displaying information relating to the initial data file in a display window visible to the user; and
(3) accepting modifications to such initial data file during the interactive session; and
(4) saving such modifications to such initial data file in an modified data file;
(5) routing the modified data file to the remote server; and
In this fashion, the modified data file can be retrieved by the user at a later time and saved to the local file system by the browser program as noted above.
To further assist the user, the remote program also provides user command functions in the display window, which command functions can be used to generate the modifications more easily. As the modifications are made, the user is preferably given feedback to confirm the same (such as with a line drawn on a chart for example). The invention is also flexible in that more than one initial data file can be loaded from one or more remote servers and modified, thus permitting essentially unlimited editing capability.
A remote server of the present invention is configured to permit a user remote from such server to engage in an interactive on-line session with such server using the aforementioned remote program. In this way, the server can interact with the local machine as described above.
In a preferred embodiment of the remote program permitting a user to annotate chart data with visual labels and descriptions, an interactive portion of such program has a first executable routine for processing initial data from the initial data file obtained from the remote server and for storing first image data associated with the initial data in a window image data buffer. The browser program then causes the local computing system to display the first image data in a window on a display to the user. A second executable routine generates modified data based on the user""s modifying of the initial data with the visual labels and descriptions. A third routine then generates an modified data file based on the modified data, and then further transmits the modified data file to the remote server. Thereafter, the first routine, in cooperation with the browser, can also process the modified data file from the remote server, and thus the browser program can communicate the modified data file to a file system in the local computing system.
An interactive session between a local computing system and a remote server is therefore conducted in accordance with the present invention using the following preferred steps:
(a) accessing a remote program located on the remote server using a browser program located on the local computing system;
(b) executing the remote program on the local computing system;
(c) accessing an initial data file from the remote server with the remote program for use during the interactive session; and
(d) displaying an initial display image based on initial data from the initial data file; and
(e) modifying the initial data;
(f) saving the modified initial data as modified data; and
(g) transmitting an modified data file corresponding to the modified data from the local computing system to the server; and
(h) accessing the modified data file from the remote server with the remote program;
(i) communicating the modified data file to a file system in the local computing system using the browser program.
In the above described method, the modified data is derived from an initial data file (which may include more than one initial data file) and supplemental data input under control of a user of the remote program.
In a further variation, the updated data file is image data compressed using an encoder which translates a pixel stream into a file format usable by the browser program or another program having access to the local file system.
Data transfers of the present invention are accomplished through an on-line connection between a local computing system and a remote server preferably using the following steps:
(a) executing an interactive program on the local computing system, which interactive program coordinates with an on-line connection management program on such local computing system, and which interactive program further is restricted from accessing a local file system on such local computing system;
(b) accessing initial data information for use on the local computing system; and
(c) generating modified data information, which modified data information includes the initial data information and any additional data supplemental information added under control of a user of the interactive program; and
(d) saving the modified data information;
(e) transmitting the modified data information from the local computing system to the server; and
(f) accessing the modified data information from the remote server;
(g) communicating the modified data information to an output and/or storage device in the local computing system using the on-line connection management program.
Again, in a preferred embodiment, the modified data is compressed image data derived from dynamically modifying an initial data file. This image data is compressed using an encoder which translates a pixel stream into a file format usable by the second program. Nonetheless, the initial data file can be in a graphics file format, an audio file format, a text format, a video format, or some combination thereof.
An interactive, on-line session of the present invention permitting a user to engage in an interactive on-line session with a server using a remote program downloaded from the server but executing on the user""s local computing system, and wherein the remote program is restricted from accessing a file system on such local computing system, is accomplished as follows:
(a) coordinating communications between the server and a browser program also executing on the user""s local computing system during the interactive on-line session, the browser program further including software routines for interacting with the file system on the user""s local computing system; and
(b) receiving data at the server consisting of modified information transmitted from the remote program;
(c) creating an modified file for the modified information at the server, which modified file is accessible by the remote program;
(d) transferring the modified file to the local computing system so that the browser program can utilize the modified file;
In this manner, the browser program can thereafter transfer such modified file to an output and/or storage device in the local computing system, such as a printer, a local file system, etc.
Although the inventions are described below in a preferred embodiment, it will be apparent to those skilled in the art the present invention would be beneficially used in many environments where it is necessary to provide security constrained software routines with additional functionality.